|
static private SignWithSha1RSA ( byte dataToSign, |
||
| dataToSign | byte | |
| rsaParameters | ||
| Результат | byte[] | |
/// <summary>
/// Returns signed cookies that provides tailored access to private content based on an access time window and an ip range.
/// </summary>
/// <param name="resourceUrlOrPath">
/// The URL or path for resource within a distribution.
/// </param>
/// <param name="privateKey">Your private key file. RSA private key (.pem) are supported.</param>
/// <param name="keyPairId">The key pair id corresponding to the private key file given.</param>
/// <param name="expiresOn">The expiration date till which content can be accessed using the generated cookies.</param>
/// <param name="activeFrom">The date from which content can be accessed using the generated cookies.</param>
/// <param name="ipRange">The allowed IP address range of the client making the GET request, in CIDR form (e.g. 192.168.0.1/24).</param>
/// <returns>The signed cookies.</returns>
public static CookiesForCustomPolicy GetCookiesForCustomPolicy(string resourceUrlOrPath,
TextReader privateKey,
string keyPairId,
DateTime expiresOn,
DateTime activeFrom,
string ipRange)
{
var cookies = new CookiesForCustomPolicy();
var policy = AmazonCloudFrontUrlSigner.BuildPolicyForSignedUrl(resourceUrlOrPath, expiresOn,
ipRange, activeFrom);
var base64EncodedPolicy = AmazonCloudFrontUrlSigner.MakeStringUrlSafe(policy);
cookies.Policy = new KeyValuePair <string, string>(PolicyKey, base64EncodedPolicy);
RSAParameters rsaParameters = AmazonCloudFrontUrlSigner.ConvertPEMToRSAParameters(privateKey);
byte[] signatureBytes = AmazonCloudFrontUrlSigner.SignWithSha1RSA(
UTF8Encoding.UTF8.GetBytes(policy), rsaParameters);
string urlSafeSignature = AmazonCloudFrontUrlSigner.MakeBytesUrlSafe(signatureBytes);
cookies.Signature = new KeyValuePair <string, string>(SignatureKey, urlSafeSignature);
cookies.KeyPairId = new KeyValuePair <string, string>(KeyPairIdKey, keyPairId);
return(cookies);
}
/// <summary>
/// Generate signed cookies that allows access to a specific distribution and
/// resource path by applying a access restrictions from a "canned" (simplified)
/// policy document.
/// </summary>
/// <param name="resourceUrlOrPath">
/// The URL or path that uniquely identifies a resource within a
/// distribution. For standard distributions the resource URL will
/// be <tt>"http://" + distributionName + "/" + path</tt>
/// (may also include URL parameters. For distributions with the
/// HTTPS required protocol, the resource URL must start with
/// <tt>"https://"</tt>. RTMP resources do not take the form of a
/// URL, and instead the resource path is nothing but the stream's
/// name.
/// </param>
/// <param name="keyPairId">Identifier of a public/private certificate keypair already configured in your Amazon Web Services account.</param>
/// <param name="privateKey">The RSA private key data that corresponding to the certificate keypair identified by keyPairId.</param>
/// <param name="expiresOn">The expiration date till which content can be accessed using the generated cookies.</param>
/// <returns>The signed cookies.</returns>
public static CookiesForCannedPolicy GetCookiesForCannedPolicy(string resourceUrlOrPath,
string keyPairId,
TextReader privateKey,
DateTime expiresOn)
{
var cookies = new CookiesForCannedPolicy();
int epochSeconds = AWSSDKUtils.ConvertToUnixEpochSeconds(expiresOn.ToUniversalTime());
cookies.Expires = new KeyValuePair <string, string>(
ExpiresKey, epochSeconds.ToString(CultureInfo.InvariantCulture));
RSAParameters rsaParameters = AmazonCloudFrontUrlSigner.ConvertPEMToRSAParameters(privateKey);
string cannedPolicy = "{\"Statement\":[{\"Resource\":\"" + resourceUrlOrPath
+ "\",\"Condition\":{\"DateLessThan\":{\"AWS:EpochTime\":" + epochSeconds
+ "}}}]}";
byte[] signatureBytes = AmazonCloudFrontUrlSigner.SignWithSha1RSA(
UTF8Encoding.UTF8.GetBytes(cannedPolicy), rsaParameters);
string urlSafeSignature = AmazonCloudFrontUrlSigner.MakeBytesUrlSafe(signatureBytes);
cookies.Signature = new KeyValuePair <string, string>(SignatureKey, urlSafeSignature);
cookies.KeyPairId = new KeyValuePair <string, string>(KeyPairIdKey, keyPairId);
return(cookies);
}
